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DETAILED ACTION 

1. Claims 1-41 are pending in the application. 

2. Claims 1-41 have been rejected. 

Response to Amendment 

3. The examiner approves the amendments made to the specification. No new matter has 
been added. 

Response to Arguments 

4. Applicant's arguments with respect to claims 1-41 have been considered but are moot 
in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the 
United States before the invention thereof by the applicant for patent, or on an international application 
by another who has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this 
title before the invention thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act 
of 1999 (AIPA) and the Intellectual Property and High Technology Technical 
Amendments Act of 2002 do not apply when the reference is a U.S. patent resulting 
directly or indirectly from an international application filed before November 29, 2000, 
Therefore, the prior art date of the reference is determined under 35 U.S.C. 102(e) prior 
to the amendment by the AIPA (pre-AIPA 35 U.S.C. 102(e)). 
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5. Claims 1, 2, 6, 10, 13, 17, 24-29 and 36 are rejected under 35 U.S.C. 102(e) as 
being anticipated by Borella U.S. Patent No. 6,442,603 Bl. 

As to claims 1, 17, 22, 24, 27-29, 36 and 38, Borella discloses validating a request 
message against a predefined request message specification. Borella discloses 
transmitting the validated request message, Borella discloses validating a response 
message against a predefined response message specification. Borella discloses that the 
response message corresponds to the validated request. Borella discloses transmitting the 
validated response [column 12, lines 24-59]. 

As to claim 2, Borella discloses wherein the request and response message 
specifications are predefined in accordance with valid request and response message 
constraints specific to an information resource, as discussed above. 

As to claim 6, Borella discloses accessing an information resource in accordance 
with the validated request message and preparing the response message in accordance 
with the access [column 1 1, lines 31-48]. 

As to claim 10, Borella discloses the request and the response message validating 
are respectively performed at first and second secure data brokers on opposing sides of 
the security barrier; and wherein the validated request and response message 
transmissions are between the first and second secure data brokers [column 12, lines 14- 
23]. 

As to claim 13, Borella discloses at least one of the validated request message 
transmitting and the validated response message transmitting is via a secure protocol 
[column 8 line 62 to column 9 line 5]. 
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As to claim 25, Borella discloses a second data broker on the second side of the 
security barrier, wherein, in response to an access targeting the information resource, the 
second data broker validates a response message against a predefined response message 
specification and forwards only validated response messages across the security barrier 
[column 10, lines 32-41]. 

As to claim 26, Borella discloses an information resource [column 3, lines 21-33]. 
Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6, Claims 15 and 16 are rejected under 35 U.S.C 103(a) as being unpatentable over 
Borella U.S. Patent No. 6,442,603 Bl as applied to claim 1 above, and further in 
view of Chen et al U.S. Patent No. 5,602,918. 

As to claim 15, Borella does not teach a firewall. 

Chen teaches a security barrier that is a firewall and a secure channel, see abstract. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have a firewall between the first network server and 
the information source. Only the validated access requests would cross the firewall 
toward the information resource. 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Clark by the teaching of Chen is because a 
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firewall provides a safe passage between the secured network and the party on the public 
network [column 2 lines 15-21]. 

7. Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Borella 
U.S. Patent No. 6,442,603 Bl as applied to claim 1 above, and further in view of 
Applied Cryptography (hereinafter Schneier). 

As to claim 3, Borella does not teach that at least one of the request and response 
message specifications is cryptographically secured. 

Schneier teaches the use and benefits of encryption, page 2. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time invention was made to have had packet filter instructions cryptographically 
secured. 

It would have been obvious to modify Borella by the teaching of Schneier 
because cryptography offers authentication, integrity and nonrepudiation, page 2. 

8. Claims 4, 5, 7-9, 14, 18-23, 37 and 39-41 are rejected under 35 U.S.C 103(a) as 
being unpatentable over Borella U.S. Patent No. 6,442,603 Bl as applied to claims 1 
and 17 above, and further in view of Bobo, II U.S. Patent No. 5,870,549. 

As to claims 4, 5, 7-9, 14, 19, 20, 22, 37 and 39-41, Borella teaches receiving, at 
an application proxy, an access request targeting an information resource, as discussed 
above. Borella teaches transmitting the request message to a secure data broker for the 
request message validating, as discussed above. 

Borella does not teach formatting the request message in a structured language 
corresponding to the request message specification. 
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Bobo teaches the translation of messages into XML format [column 21, lines 37- 

42]. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have the gateway as taught by Borella to format the 
outgoing packets to the XML structured language. 

It would have been obvious to have modified Borella by the teaching of Bobo 
because XML is easier to write applications for, easier to understand, and more suited to 
delivery and inter-operability over the Web [column 21 lines 33-37]. 

As to claim 18, Borella teaches accessing the information resource in accordance 
with the validated access request, as discussed above. 

As to claims 21 and 23, Borella teaches accessing the information resource in 
accordance with the validated access request from a client and supplying the client with a 
response in accordance with the validated response, as discussed above. 
9. Claims 11 and 12 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Borella U.S. Patent No. 6,442,603 Bl as applied to claim 1 above, and further in 
view of Ottensooser U.S. Patent No. 5,905,856. 

As to claims 1 1 and 12, Borella teaches rejecting packets if it is not defined by the 
rules. The Borella teaches forwarding a response message without transmission of the 
request message across the security barrier [column 5, lines 6-32]. 

Borella does not teach parsing the request message using Data Type Definitions 
(DTDs) encoding a hierarchy of valid tag-value pairs in accordance with syntax of a valid 
request message. 
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Ottensooser teaches parsing the request message using Data Type Definitions 
(DTDs) encoding a hierarchy of valid tag-value pairs in accordance with syntax of a valid 
request message [column 7, lines 58-64; column 10 line 66 to column 1 1 line 30], 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have modified Borella so that gateway of Borella 
would have parsed the request message using data type definitions, encoding a hierarch 
of valid-tag pairs in accordance with the syntax of a valid request message. If the request 
message were not successfully parsed, an alert message would have been forwarded 
across the firewall 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Borella by the teaching of Ottensooser because 
the structure permits the use of a simple language that allows the user to write a set of 
tests that closely match the business activities under scrutiny. The language is 
sufficiently high level so that the user does not have to be involved in the highly 
technical "behind the scenes" type work that actually tells the computer application what 
to do. Other products on the market are not as advanced and rely on the skills of 
computer programmers to write test plans rather than business users [column 13, lines 
47-58]. 

10. Claims 30-33 and 35 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Clark et al U.S. Patent No. 5,710,889 in view of Chen et al U.S. Patent No. 
5,602,918. 

As to claims 30, 32 and 34, Clark discloses data broker code and parser code 
executable on a first network server. Clark discloses an information source [repository 
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11]. Clark discloses that the data broker code includes instructions executable as a first 
instance thereof to receive access requests in a structured language corresponding to a 
predefined request message specification and to forward validated ones of the access 
requests toward the information resource. Clark discloses the parser code includes 
instructions executable as a first instance thereof to validate the received access request 
against the predefined request message specifications [column 5 line 63 to column 6 line 
29; column 10 lines 53-61]. 

Clark does not teach a security barrier separating the first network server and the 
information resource, 

Chen teaches a system and method for establishing secured communications 
pathways across an open unsecured network, without compromising the security of any 
parties to the communication that involves establishing secured gateways or firewalls 
between the Internet and any party which desires protection, see abstract. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have a firewall between the first network server and 
the information source. Only the validated access requests would cross the firewall 
toward the information resource. 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to have modified Clark by the teaching of Chen is because a 
firewall provides a safe passage between the secured network and the party on the public 
network [column 2 lines 15-21], 

As to claim 31, Clark teaches an encoding of the predefined request message 
specification [column 7 lines 53-63]. 
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As to claim 33, Clark teaches an encoding of the predefined response message 
specification [column 8 lines 31-35]. 

As to claim 35, Clark teaches the computer program code is transmitted in at least 
one computer readable medium from an electronic storage medium and on a network 
[columns lines 30-48]. 

11. Claim 34 is rejected under 35 U.S.C. 103(a) as being unpatentable over Clark et 
al U.S. Patent No. 5,710,889 and Chen et al U.S. Patent No. 5,602,918 as applied to 
claim30 above, and further in view of Bobo, II U.S. Patent No. 5,870,549. 

The Clark-Chen combination does not teach that the application proxy code 
includes instructions executable to format the access requests in accordance with the 
structured language corresponding to the predefined request message specification. 

Bobo teaches instructions executable to format the access requests in accordance 
with the structured language corresponding to the predefined request message 
specification. 

Therefore, it would have been obvious to a person having ordinary skill in the art 
at the time the invention was made to have the application proxy code have instructions 
to format the access requests in accordance with the structured language corresponding to 
the predefined request message specification [column 21, lines 37-42], 

It would have been obvious to have modified the Clark-Chen combination by the 
teaching of Bobo because XML is easier to write applications for, easier to understand, 
and more suited to delivery and inter-operability over the Web [column 21 lines 33-37]. 
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Conclusion 


12. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K Moorthy whose telephone number is 703-305- 
1373. The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 


Aravind K Moorthy 
May 26, 2004 



